lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <87fv9wzcs2.fsf@x220.int.ebiederm.org>
Date:	Mon, 23 Feb 2015 12:46:37 -0600
From:	ebiederm@...ssion.com (Eric W. Biederman)
To:	Dan Carpenter <dan.carpenter@...cle.com>
Cc:	Andrew Morton <akpm@...ux-foundation.org>,
	Andy Lutomirski <luto@...capital.net>,
	Wang YanQing <udknight@...il.com>,
	linux-kernel@...r.kernel.org, linux-nfs@...r.kernel.org,
	kernel-janitors@...r.kernel.org
Subject: Re: [patch] groups: integer underflow in groups_alloc()

Dan Carpenter <dan.carpenter@...cle.com> writes:

> On Mon, Feb 23, 2015 at 11:10:02AM -0600, Eric W. Biederman wrote:
>> Dan Carpenter <dan.carpenter@...cle.com> writes:
>> 
>> > This is called from rsc_parse() with a use controlled value.  Say for
>> > example that "gidsetsize" is negative, then we could end up allocating
>> > less than sizeof(struct group_info) leading to memory corruption.
>> 
>> Right now it is the responsibility of the caller of groups_alloc to make
>> certain that gidsetsize is a valid value, and the callers of
>> groups_alloc who know what they are doing already validate this value.
>> 
>> Either the pattern of caller validates the messages needs to continue,
>> or groups_alloc needs to be changed and all of the callers need to be
>> updated.
>> 
>> Changing groups_alloc for one particular caller is just going to cause
>> maintenance problems.
>> 
>
> This only affects NFS so let's hear from them if this limit is correct
> and decide from there.

The bug may be nfs specific bug changing groups_alloc does not only
affect nfs.

NGROUPS_MAX is the maxmimum number of groups the linux kernel supports
so NGROUPS_MAX may be high but it is certainly not wrong.

Your patch takes the wrong approach, creates code that is an
inconsistent mess and is thus wrong.  As setgroups is code that is
called every day I don't think only paying attention to NFS when talking 
how to change this is in any way appropriate, unless you propose an NFS
specific fix (which you clearly did not).

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ